Delayed network with NAT

Greetings to all,

I have a strange case at my job, which I present below:

I have a MikroTik RouterBoard 1100x2 AH firewall/router as the edge of my internal network. I followed tutorials to grant Internet access through NAT to the internal network. It works, but the network works very, very slowly; you cannot work with it.

I have analyzed the case for a long time and did several tests, and it seems that the cause of the slowness is packet loss more than speed.

I did a speed test and it shows a good value, but when working it falls. I notice that resolving DNS takes a long time or sometimes it does not resolve.

Background:
- I have VLANs on the internal side.
- The outside connects to a fiber router of my ISP.
- If I perform ping and tracer tests on the firewall, it works fine.
- The same tests from the VLAN work badly.

Some configuration of NAT Masquerade may be wrong.

I attach captures of my configuration and Topology.

I am attentive to your comments and I'll answer any questions.

Thank you a lot, best regards

Not sure what exactly is happening there, but you have assigned the same IP and network range to ether2 and vlan100 (10.250.10.1/24). That does not sound right and I would guess it is a source of your trouble. I assume this issue occurs only on vlan100 or ether2, while it does not occur on other interfaces, right?

PS: It is easier to share configuration as text, using the console command

/export hide-sensitive

It also makes it way easier to read and you can easily replace any personal details.
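
An added example, not part of the reply above and not MikroTik tooling: once the configuration is available as `/export` text, the duplicate assignment the reply points out can be checked mechanically. The sample export below is constructed; only `ether2`, `vlan100` and `10.250.10.1/24` come from the thread, and the function names are hypothetical.

```python
import ipaddress
import re
from itertools import combinations

# Constructed sample in the format printed by "/export hide-sensitive".
# Only ether2, vlan100 and 10.250.10.1/24 come from the thread; the rest is made up.
SAMPLE_EXPORT = r"""
/interface vlan
add interface=ether2 name=vlan100 vlan-id=100
add interface=ether2 name=vlan200 vlan-id=200
/ip address
add address=10.250.10.1/24 interface=ether2 network=10.250.10.0
add address=10.250.10.1/24 comment="users vlan" interface=vlan100 \
    network=10.250.10.0
add address=10.250.20.1/24 interface=vlan200 network=10.250.20.0
add address=192.0.2.2/30 interface=ether1 network=192.0.2.0
"""

# key=value pairs; values may be double-quoted and contain spaces
KV = re.compile(r'([\w-]+)=("(?:[^"\\]|\\.)*"|\S+)')

def parse_addresses(export_text):
    """Return [(interface, IPv4Interface)] from the /ip address section."""
    text = re.sub(r"\\\r?\n\s*", "", export_text)  # join lines wrapped with "\"
    section, found = None, []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("/"):
            section = line
        elif section == "/ip address" and line.startswith("add "):
            kv = dict(KV.findall(line))
            if kv.get("disabled") == "yes" or "address" not in kv:
                continue
            found.append((kv.get("interface", "?"),
                          ipaddress.ip_interface(kv["address"])))
    return found

def find_overlaps(addresses):
    """Pairs of different interfaces whose connected networks overlap."""
    hits = []
    for (if_a, a), (if_b, b) in combinations(addresses, 2):
        if if_a != if_b and a.network.overlaps(b.network):
            hits.append((if_a, if_b, str(a.network), a.ip == b.ip))
    return hits

if __name__ == "__main__":
    for if_a, if_b, net, same_ip in find_overlaps(parse_addresses(SAMPLE_EXPORT)):
        note = "same host IP" if same_ip else "overlapping subnet"
        print(f"{if_a} and {if_b} both sit in {net} ({note})")
```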

Thank you so much for your answer,

Wow, after seeing a lot of configuration, one gets dizzy.

Thanks for the warning. The slowness is on all VLAN interfaces. In the same way, I deleted the duplicate IP, because as you say it is not correct. But the slowness continues :(

Thank you very much, and well, I thought it would be easier to see the configuration by GUI, and I did not share public info.

I will continue looking for the solution.